Further thoughts on operationalizing your security

In an earlier post, I referencedthe CEO of Symantec, Enrique Salem’s speech at the RSA conference where he talked about operationalizing your security.  This week I have been working at several clients doing Proof of Concepts on Symantec DLP.  This week has lead to think very hard on how the different peices of the Symantec stack fit together very neatly.

No longer are we secure because we run anti-virus plus proper firewalls in place, we need a system in place to deal with the changing threats.  Three years ago I was working as a network administrator for a private bank, we had a security policy in place, we managed our Windows Updates, we had network scans done quarterly and penetration testing done as well.  Were we secure?  Maybe, maybe not there were a lot of things I did not have visibility into.  Did we have data leakage? Were our severs in compliance?  Were people copying data on to USB drives/DVD drives?  I just didn’t know.

Now with the different products in the Symantec product set we can work on getting that visiblity we need.  it is not be the draconian IT department that all the other departments fear.  It is about being safe with our companies data and being smart with what we are trusted with.

More thoughts to follow as I start to work on Operationalizing Security

One thought on “Further thoughts on operationalizing your security

  1. Pingback: You’ll Pry My Virus Scanner from My Cold Hands « Finding Ponies in Piles of Poop

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s